﻿using System;
using System.Collections;
using System.Linq;
using System.Text;
using System.Data.SqlClient;

namespace LI4.Data
{
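    /// <summary>
    /// Data-access object for the <c>Logins</c> table, plus a free-text search
    /// across several other tables. All SQL is sent through a <c>Ligacao</c> instance.
    /// </summary>
    /// <remarks>
    /// Security notes for maintainers:
    /// <para>
    /// Statements are built by string concatenation because the only <c>Ligacao</c>
    /// members used in this file are <c>Select(string)</c> and <c>Update(string)</c>.
    /// Every string value is therefore passed through <see cref="EscapeSqlLiteral"/>
    /// before being embedded. This is a stop-gap: parameterized commands are the
    /// proper fix and should replace the escaping once <c>Ligacao</c> offers a way
    /// to pass parameters.
    /// </para>
    /// <para>
    /// Passwords are read from the database and compared as plain strings, so they
    /// are stored unhashed. Moving to a salted password hash (for example PBKDF2)
    /// needs a schema and data migration and cannot be done inside this class alone.
    /// </para>
    /// </remarks>
    class Login
    {
        // Connection wrapper used for every query issued by this class.
        private Ligacao ligacao;

        /// <summary>Creates the data-access object with its own <c>Ligacao</c>.</summary>
        public Login()
        {
            ligacao = new Ligacao();
        }

        /// <summary>
        /// Makes a value safe to embed between single quotes in a T-SQL string
        /// literal by doubling every single quote.
        /// </summary>
        /// <param name="valor">Raw value; may be null.</param>
        /// <returns>
        /// The escaped value. Null becomes the empty string, which is what plain
        /// string concatenation produced before this helper existed.
        /// </returns>
        private static string EscapeSqlLiteral(string valor)
        {
            if (valor == null)
            {
                return string.Empty;
            }

            return valor.Replace("'", "''");
        }

        /// <summary>
        /// Checks a username/password pair against the <c>Logins</c> table.
        /// </summary>
        /// <param name="username">Login name to look up.</param>
        /// <param name="password">Password supplied by the caller.</param>
        /// <returns>
        /// A <c>Business.Login</c> whose <c>Estado</c> is <c>SUCCESS</c>,
        /// <c>BADPASS</c> or <c>BADLOGIN</c>. Username, Password and Tipo are only
        /// filled in on success.
        /// </returns>
        public Business.Login autenticar(string username, string password)
        {
            Business.Login login = new Business.Login();

            // Columns are named explicitly so the ordinals below do not depend on the
            // physical column order of the table and no extra columns are fetched.
            ligacao.Select("SELECT username,password,tipo FROM Logins where username='" + EscapeSqlLiteral(username) + "';");

            SqlDataReader reader = ligacao.mySqlDataReader;
            try
            {
                if (!reader.Read())
                {
                    // NOTE(review): BADLOGIN and BADPASS are distinct states. If the UI
                    // shows them differently, it reveals which usernames exist; the
                    // caller should present one generic failure message.
                    login.Estado = Business.Login.BADLOGIN;
                }
                else if (reader.GetString(1).Equals(password))
                {
                    // NOTE(review): clear-text, non-constant-time comparison. See the
                    // class remarks; replace with a salted-hash check after migration.
                    login.Estado = Business.Login.SUCCESS;
                    login.Password = password;
                    login.Username = username;
                    login.Tipo = reader.GetInt32(2);
                }
                else
                {
                    login.Estado = Business.Login.BADPASS;
                }
            }
            finally
            {
                // The reader was previously left open on every path.
                reader.Close();
            }

            return login;
        }

        /// <summary>Inserts a new row into <c>Logins</c>.</summary>
        /// <param name="login">Provides Username, Password and Tipo, in that order.</param>
        public void inserir(Business.Login login)
        {
            // Tipo is concatenated as-is: autenticar assigns it from GetInt32, so it is
            // presumably numeric. Confirm its declared type in Business.Login.
            ligacao.Update("INSERT INTO Logins values('" + EscapeSqlLiteral(login.Username) + "','" + EscapeSqlLiteral(login.Password) + "','" + login.Tipo + "');");
        }

        /// <summary>Updates password and tipo of the row matching <c>login.Username</c>.</summary>
        /// <param name="login">Identifies the row and provides the new values.</param>
        public void update(Business.Login login)
        {
            ligacao.Update("UPDATE Logins set password='" + EscapeSqlLiteral(login.Password) + "', tipo='" + login.Tipo + "' where username='" + EscapeSqlLiteral(login.Username) + "';");
        }

        /// <summary>
        /// Sets <c>tipo</c> on the row matching <c>login.Username</c>. Despite the
        /// name, no row is deleted; the statement only rewrites <c>tipo</c>.
        /// </summary>
        /// <param name="login">Identifies the row and provides the tipo to store.</param>
        public void remover(Business.Login login)
        {
            ligacao.Update("UPDATE Logins set tipo='" + login.Tipo + "' where username='" + EscapeSqlLiteral(login.Username) + "'");
        }

        /// <summary>Reports whether a row with the given username exists.</summary>
        /// <param name="username">Login name to look up.</param>
        /// <returns>True when at least one matching row is returned.</returns>
        public bool existeLogin(string username)
        {
            ligacao.Select("SELECT username FROM Logins where username='" + EscapeSqlLiteral(username) + "';");

            SqlDataReader reader = ligacao.mySqlDataReader;
            try
            {
                return reader.Read();
            }
            finally
            {
                reader.Close();
            }
        }

        /// <summary>Loads the stored login for a username.</summary>
        /// <param name="username">Login name to look up.</param>
        /// <returns>A <c>Business.Login</c> built with state <c>REGISTO</c>.</returns>
        /// <exception cref="InvalidOperationException">No row matches the username.</exception>
        public Business.Login getLogin(string username)
        {
            ligacao.Select("SELECT password,tipo FROM Logins where username='" + EscapeSqlLiteral(username) + "';");

            SqlDataReader reader = ligacao.mySqlDataReader;
            try
            {
                if (!reader.Read())
                {
                    // Previously the Read() result was ignored and the column access
                    // failed with the same exception type but an unrelated message.
                    // The username is kept out of the message on purpose.
                    throw new InvalidOperationException("No login found for the given username.");
                }

                return new LI4.Business.Login(username, reader.GetString(0), reader.GetInt32(1), Business.Login.REGISTO);
            }
            finally
            {
                reader.Close();
            }
        }

        /// <summary>
        /// Searches anuncios, cursos, candidatos, empresas, funcionarios and registos
        /// for a term, matching numeric codes exactly and text columns by substring.
        /// </summary>
        /// <param name="palavra">Search term; lower-cased before use.</param>
        /// <returns>
        /// An <c>ArrayList</c> of <c>string[3]</c> entries holding the three columns
        /// of each result row (ident, descricao, tipo).
        /// </returns>
        public ArrayList pesquisa(string palavra)
        {
            palavra = palavra.ToLower();

            // A non-numeric term leaves the code at 0, as before, without relying on
            // an empty catch block to swallow the parse failure.
            int pal;
            if (!int.TryParse(palavra, out pal))
            {
                pal = 0;
            }

            // Quotes are doubled so the term cannot close the LIKE literal. The LIKE
            // wildcards (%, _, [) inside the term are still interpreted by the server,
            // which keeps the existing search behaviour.
            string termo = EscapeSqlLiteral(palavra);

            ligacao.Select("select Cast(cod_anuncio as varchar(20)) as ident,descricao,tipo='Anúncio' from anuncios where cod_anuncio=" + pal + " or username like '%" + termo + "%' or descricao like '%" + termo + "%' " +
                "union select Cast(cod_curso as varchar(20)) as ident,nome as descricao,tipo='Curso' from cursos where cod_curso=" + pal + " or nome like '%" + termo + "%' " +
                "union select username as ident,nome as descricao,tipo='Candidato' from candidatos where username like '%" + termo + "%' or nome like '%" + termo + "%' " +
                "union select username as ident,nome as descricao,tipo='Empresa' from empresas where username like '%" + termo + "%' or nome like '%" + termo + "%' " +
                "union select username as ident,nome as descricao,tipo='Operador' from funcionarios where username like '%" + termo + "%' or nome like '%" + termo + "%' " +
                "union  select username as ident,descricao+', '+Cast(data as varchar(50)),tipo='Registo' from registos where username like '%" + termo + "%' or descricao like '%" + termo + "%'");

            ArrayList array = new ArrayList();
            SqlDataReader reader = ligacao.mySqlDataReader;
            try
            {
                while (reader.Read())
                {
                    string[] pesq = new string[3];
                    pesq[0] = reader[0].ToString();
                    pesq[1] = reader[1].ToString();
                    pesq[2] = reader[2].ToString();

                    array.Add(pesq);
                }
            }
            finally
            {
                reader.Close();
            }

            return array;
        }
    }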
}
